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DETAILED ACTION 



1. 



Claims 1-6, 8-31, 33-47, and 49-72 have been examined. 



Response to Arguments 



2. Applicant's arguments with respect to claims 1-6, 8-31, 33-47, and 49-72 have been 
considered but are moot in view of the new ground(s) of rejection. 

3. Applicant's arguments, see Appeal Brief, filed 8/3/05, with respect to the rejection(s) of 
claim(s) 1-6, 8-31, 33-47, and 49-72 under 103(a) have been fully considered and are persuasive. 
Therefore, the rejection has been withdrawn. However, upon further consideration, a new 
ground(s) of rejection is made in view of Adams. 



4. Claims 1-6, 8-31, 33-47, and 49-72 of this application conflict with claims 1-47 of 
Application No. 09/653,215. 37 CFR 1 .78(b) provides that when two or more applications filed 
by the same applicant contain conflicting claims, elimination of such claims from all but one 
application may be required in the absence of good and sufficient reason for their retention 
during pendency in more than one application. Applicant is required to either cancel the 
conflicting claims from all but one application or maintain a clear line of demarcation between 
the applications. See MPEP § 822. 

5. The nonstatutory double patenting rejection is based on a judicially created doctrine 
grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or 
improper timewise extension of the "right to exclude" granted by a patent and to prevent possible 
harassment by multiple assignees. See In re Goodman, 1 1 F.3d 1046, 29 USPQ2d 2010 (Fed. 



Cir. 1993); In reLongU 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 



Double Patenting 
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F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 R2d 438, 164 USPQ 619 (CCPA 
1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) may be used to 
overcome an actual or provisional rejection based on a nonstatutory double patenting ground 
provided the conflicting application or patent is shown to be commonly owned with this 
application. See 37 CFR 1.130(b). 

Effective January 1, 1994, a registered attorney or agent of record may sign a terminal 
disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 
CFR 3.73(b). 

6. Claims 1-6, 8-31, 33-47, and 49-72 are rejected under the judicially created doctrine of 
obviousness-type double patenting as being unpatentable over claims 1-47 of U.S. Patent No. 
09/653,215. Although the conflicting claims are not identical, they are not patentably distinct 
from each other because both applications are claiming method for accessing a service in a 
distributed computing environment in which a client request capability credentials to access 
portion of a service through advertisement. 



Allowable Subject Matter 

7. Claims 14, 22, 37, 46, 54, 60, 68, and 71 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 



Claim Rejections - 35 USC § 102 
8. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 
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9. Claims 1, 2, 8-13, 15-17, 20, 21, and 23-26 are rejected under 35 U.S.C 102(a) as being 
clearly anticipated by Adams U.S. Pat. No. 6718470 (hereinafter Adams). 

10. As per claim 1, Adams discloses a method for communicating in a distributed computing 
environment, comprising: a client accessing an authentication service to obtain an authentication 
credential to use a first service (Adams: column 6 lines 31-67: receiving the attribute certificate); 
determining client capabilities for said client, wherein said client capabilities are capabilities of 
said first service that said client is permitted to use (Adams: column 6 lines 49-61: the 
centralized privilege data selector); binding said client capabilities to said authentication 
credential (Adams: column 6 lines 65-66: the matching attributes are sent as pre-qualification 
data); said client sending a first message to said first service, wherein said first message includes 
said authentication credential (Adams: column 6 line 67 - column 7 line 8); said first service 
using said authentication service to authenticate said authentication credential received in said 
first message (Adams: column 7 lines 3-8: the relying party uses the centralized privilege data 
selector to generate credential for authentication); and said first service responding to said first 
message if said authentication credential in said first message is determined to be authentic as 
from said client (Adams: column 7 lines 3-8). 

11. As per claim 2, Adams discloses the method of claim 1 . Adams further discloses the 
method comprising said client obtaining an address for said authentication service from an 
advertisement for said first service, wherein said accessing an authentication service comprises 
said client sending a message to said address for said authentication service requesting said 
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authentication credential to use said advertised first service (Adams: figure 5 and column 6 lines 
31-40). 

12. As per claim 8, Adams discloses the method of claim 1. Adams further discloses said 
client sending a request message to said first service to access a capability of said first service, 
wherein said request message includes said authentication credential (Adams: column 6 line 67 - 
column 7 line 2); said first service determining that the capability requested in said request 
message is within said client capabilities (Adams: column 7 lines 3-8); and said first service 
fulfilling said request message only if the capability requested in said request message is within 
said client capabilities (Adams: column 7 lines 3-8). 

13. As per claim 9, Adams discloses the method of claim 1. Adams further discloses wherein 
said determining client capabilities comprises said client accessing an access control policy 
service to obtain a capability token indicating which capabilities of said first service said client 
permitted to access (Adams: column 6 lines 31-67). 

14. As per claim 10, Adams discloses the method of claim 10. Adams further discloses 
wherein said authentication service and said access policy service are combined as a single 
service and wherein said capability token is included within said authentication credential 
(Adams: column 6 lines 31-67). 
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15. As per claim 1 1, Adams discloses the method of claim 1. Adams further discloses 
wherein said determining client capabilities is performed by said first service (Adams: column 6 
lines 17-20: send the privilege test criteria data). 

16. As per claim 12, Adams discloses the method of claim 1. Adams further discloses said 
client generating a message gate for accessing said first service, wherein said message gate sends 
request message from said client to said first service to access said first service, and wherein said 
message gate includes said authentication credential in each message to said first service 
(Adams: column 6 line 67 - column 7 line 8). 

17. As per claim 13, Adams discloses the method of claim 1. Adams further discloses said 
client obtaining a service advertisement for said first service before accessing said first service, 
wherein said service advertisement comprises an address for said authentication service and an 
address for said first service (Adams: column 6 lines 31-48). 

18. As per claim 15, Adams discloses the method of claim 1. Adams further discloses 
wherein said authentication service is a separately addressable service from said first service 
(Adams: column 6 lines 38-42 and figure 5: centralized privilege data selector). 

19. As per claim 16, Adams discloses the method of clam 1. Adams further discloses wherein 
said client accessing an authentication service to obtain an authentication credential to use a first 
service comprises said authentication service returning said authentication credential to said 
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client only if said client is authorized to access said first service (Adams: column 6 lines 61-67: 
only send the matching attributes certificates). 

20. As per claim 17, Adams discloses a method for communication in a distributed 
computing environment, comprising: a client obtaining a service advertisement for a first service, 
wherein said service advertisement includes an address for an authentication service (Adams: 
column 6 lines 31-67); said client sending a request message to said authentication service to 
obtain an authentication credential to use said first service (Adams: column 6 lines 49-52); said 
client generating a message gate for accessing said first service, wherein said message gate 
embeds said authentication credential in every message from said client to said first service 
(Adams: column 6 lines 65-67); and said client accessing said first service through said message 
gate (Adams: column 6 line 67 - column 7 line 8). 

21 . As per claim 20, Adams discloses the method of claim 17. Adams further discloses said 
first service using said authentication service to determine if said authentication credential 
received in a first message from said client is authentic service (Adams: column 6 lines 17-20: 
send the privilege test criteria data). 

22. As per claim 21, Adams discloses the method of claim 20. Adams further discloses 
authenticating said authentication credential received in said first message from said client, said 
first service determining which capabilities of said first service said client is authorized to use, 
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wherein said first service responds to a request message from said client only if said request 
message is for an authorized capability for said client (Adams: column 7 lines 3-8). 

23. As per claim 23, Adams discloses the method of claim 20. Adams does not explicitly 
disclose said first service noting whether or not said authentication credential is authentic so that 
said first service does not need to repeat said using said authentication service to determine if 
said authentication credential received in a first message from said client is authentic. However, 
Single-Sign-On is well known in the art to reduce the burden of authentication services. 
Therefore, it would have been obvious to one having ordinary skill in the art to allow the system 
to note whether the said authentication credential is authentic to avoid repeating authentication 
process. 

24. As per claim 24, Adams discloses the method of claim 17. Adams further discloses 
wherein said service advertisement for said first service further includes an address for accessing 
said first service, wherein said authentication service and said first service are separate services 
within the distributed computing environment (Adams: column 6 lines 31-41). 

25. As per claim 25, Adams discloses the method of claim 17. Adams further discloses 
wherein said service advertisement further includes a service identifier token for said first 
service, wherein said client sending a request message to said authentication service to obtain an 
authentication credential comprises sending said service identifier token and a client identifier 
token to said authentication service (Adams: column 6 lines 49-61). 



Application/Control Number: 09/653,227 
Art Unit: 2131 



Page 9 



26. As per claim 26, Adams discloses the method of claim 25. Adams further discloses 
wherein said authentication service generates said authentication credential from said client 
identifier token and said service identifier token (Adams: column 6 lines 49-61). 

Claim Rejections - 35 USC § 103 

27. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

28. Claims 3-6, 18, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Adams in view of Czerwinski et al. "An Architecture for a Secure Service Discovery Service" 
(hereinafter Czerwinski). 

29. As per claim 3 and 44, Adams discloses the method of claims 2 and 28. Adams does not 
explicitly disclose said advertisement for said first service includes a data representation 
language schema defining a message interface for accessing said first service. However, 
Czerwinski discloses defining a message interface using XML for accessing a service 
(Czerwinski: 2.3 XML Service Descriptions). It would have been obvious to use XML message 
interface to allow communications between the relying parties and subscribers. Therefore, it 
would have been obvious to one having ordinary skill in the art at the time of applicant's 
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invention to combine the teachings of Czerwinski within the system of Adams because XML is 
well known in the art to provide greater flexibility as communication interfaces. 

30. As per claim 4, Adams as modified discloses the method of claim 3. Adams as modified 
further discloses wherein said first message corresponds to a message defined in said data 
representation language schema(Czerwinski: XML queries). 

31. As per claim 5, Adams as modified discloses the method of claim 4. Adams as modified 
further discloses the method comprising said client sending additional messages to said first 
service to use said first service, wherein said authentication credential is included with each one 
of said additional messages (Adams: column 6 lines 31-67), and wherein each one of said 
additional messages is defined by said data representation schema (Czerwinski: XML queries). 

32. As per claim 6, Adams as modified discloses the method of claim 5. Adams as modified 
further discloses said data representation language schema is an extensible Markup Language 
(XML) schema (Czerwinski: 2.3 XML Service Descriptions). 

33. As per claim 18, Adams discloses the method of claim 17. Adams does not explicitly 
disclose wherein said service advertisement further comprises a data representation language 
schema defining a message interface for accessing said first service, the method further 
comprising said message gate verifying that every message sent from said client to said first 
service complies with said data representation language schema. However, Czerwinski discloses 
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defining a message interface using XML for accessing a service (Czerwinski: 2.3 XML Service 
Descriptions). It would have been obvious to one having ordinary skill in the art at the time of 
applicant's invention to use XML to communicate between two parties. Therefore, it would have 
been obvious to one having ordinary skill in the art at the time of applicant's invention to 
combine the teachings of Czerwinski within the system of Adams because XML allows the 
encoding of arbitrary structures of hierarchical named values. 

34. As per claim 19, Adams as modified discloses the method of claim 18. Adams as 
modified further discloses wherein said data representation language schema is an extensible 
Markup Language (XML) schema and said messages from said client to said first service are 
XML messages (Czerwinski: 2.3 XML Service Descriptions). 

35. Claims 27-31, 33-36, 38-45, 47, 49-53, 55-59, 61-67, 69, 70 and 72 are rejected under 35 
U.S.C. 102(a) as being clearly anticipated by Adams or under 35 U.S. C. 103 (a) as being 
unpatentable over Adams in view of Czerwinski. 

36. As per claim 27-31, 33-36, and 38-42, claims 27-31, 33-36, and 38-42 encompass the 
same scope as claims 1-6, 8-1 1, 15, and 16. Therefore, claims 27-31, 33-36, and 38-42 are 
rejected based on the same reasons set forth in rejecting claims 1-6, 8-1 1, 15, and 16. 
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37. As per claim 43-45, 47, 49, and 50, claims 43-45, 47, 49, and 50 encompass the same 
scope as claims 1-6, 8-1 1, 15, and 16. Therefore, claims 43-45, 47, 49, and 50 are rejected based 
on the same reasons set forth in rejecting claims 1-6, 8-1 1, 15, and 16. 

38. As per claim 51-53 and 55-57, claims 51-53 and 55-57 encompass the same scope as 
claims 1-6, 8-1 1, 15, and 16. Therefore, claims 51-53 and 55-57 are rejected based on the same 
reasons set forth in rejecting claims 1-6, 8-11, 15, and 16. 

39. As per claim 58, 59, and 61, claims 58, 59, and 61 encompass the same scope as claims 
17-21 and 23-36. Therefore, claims 58, 59, and 61 are rejected based on the same reasons set 
forth in rejecting claims 17-21 and 23-36. 

40. As per claim 62-67, claims 62-67 encompass the same scope as claims 1-6, 8-1 1, 15, and 
16. Therefore, claims 62-67 are rejected based on the same reasons set forth in rejecting claims 
1-6, 8-11, 15, and 16. 

41. As per claim 69, 70, and 72, claims 69, 70, and 72 encompass the same scope as claims 
17-21 and 23-36. Therefore, claims 69, 70, and 72 are rejected based on the same reasons set 
forth in rejecting claims 17-21 and 23-36. 
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Conclusion 

42. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Rosenberg et al. E.P. 0892530 discloses method for wide area network service location 
involving service advertisement. 

Moses et al. U.S. Pat. No. 6108788 discloses certificate management system and method 
for a communication security system. 

He et al. U.S. Pat. No. 6088451 discloses security system and method for network 
element access. 

Bittinger et al. U.S. Pat. No. 6453362 discloses method for invoking server applications 
using tickets registered in a client-side remote object registries. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (571) 272-3789. The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pm 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Shin-Hon Chen 
Examiner 
Art Unit 2131 
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